Third-party integrations via OAuth overview

OAuth integrations allow users to grant API access to their Airtable resources with third-party services. In addition, with OAuth Integrations, users can control what resources third parties can access while allowing them to revoke access at any time.

Introduction

Authorizing third-party services

Third-party integrations are initiated by the third-party requesting access to your Airtable resources, allowing you to share access to specific workspaces and bases. 

Granting access to Airtable workspaces & bases

When authorizing a third-party request, you can view the following:

• The third-party requesting access to your data. 
• A list of actions the third party is requesting to perform.  
• A list of workspaces and bases that an integration can access if or when shared. 

To grant access to a third party:

1. Click Add a base. 
2. Select the base(s) or workspace(s)from the list of available options. Chose the level of access you're granting:
   1. For one or more specific workspaces: All current and future bases in this workspace.
   2. One or more individual bases.
   3. All current and future bases in all current and future workspaces.
   4. Enterprise admins can also grant access to all of their enterprise's bases and workspaces by selecting Add an enterprise.
3.  Click Authorize. 

After authorizing access, you will be redirected back to the third-party service’s website.

Managing Integrations

Airtable offers users and admins access to a complete list of authorized OAuth integrations, with the ability to make changes and updates to past authorizations.

Access for users

1. Visit your Airtable homepage. 
2. Click Account in the top right corner and select Integrations.
3. Choose Third-party integrations. 
4. Click the >arrow under Third-party integrations.

 After clicking the > arrow, users can manage, revoke access, and remove integrations. And from the same dialogue screen, users can also grant access by clicking Add a base and Save changes.

Access for admins

Admins can view and revoke OAuth authorization grants for users and service accounts from their enterprise Admin Panel. To manage access for users and service accounts:

1. Click a user’s name from the Users page to access the User Detail page. 
2. Click the Third-party integrations tab.
3. Click … on the right side of an integration to manage that integration.
   1. Revoke access is available for all users internal to your enterprise.
   2. Edit permissions is available for service accounts only.

By clicking Edit permissions, admins can access an account's integration details. Admins can also grant access by clicking Add a base and Save changes.

The Admin Panel offers the ability to manage access to third-party integrations across organizations using the API access for third-party integrations in the Enterprise Admin Panel. Check out this article for more information.

Limitations

The limit on this is 20 for a single user. In other words, one single user is able to authorize the same integration no more than 20 times. In these instances, you may see this warning message:

You have reached the maximum access authorizations for this integration. You cannot authorize this integration again until you revoke at least one of the authorizations 

If a user hits this error, they will need to revoke at least one authorization before being able to authorize a new one. You can do this by clicking your account avatar > Integrations > Third-party integrations > Clicking on one integration to revoke > Revoke access.